Intelligent Security

Secure DNS is the key to strong network security

There's network security gold in your DNS records. Leverage your DNS infrastructure to reduce attack surface, prevent data exfiltration, and gain unprecedented visibility with BlueCat's DNS security tools.

Are you paying attention to DNS as a threat vector?

Enhance security and visibility through DNS

Intelligent Security from BlueCat protects internal and external traffic against security threats through the ubiquitous nature of the Domain Name System (DNS). Monitor, block, or redirect DNS queries based on security policies you define, drawing on the DDI solution you already use.

Policy Enforcement

Custom policy enforcement

Bring your own threat feeds or easily create your own security policies. Leverage granular data on source IP address, query, response, query type, authoritative nameserver, and more.

Threat Feed

Integrated threat intelligence

Detect DNS attacks like domain generation algorithms and DNS tunneling to block data exfiltration

Insights and Analytics

Insights and analytics

Empower your threat hunters with detailed insights into malicious software lurking in your DNS services


SIEM integration

Feed as much DNS, DHCP, and IPAM data as you want into existing security platforms like Splunk

Driving NetOps 2.0 with DNS insights

2020 Networking Trends Report


What can Intelligent Security do for you?

Reduce Incidence Response Time

Reduce incident response time

Root out the source and blast radius of a breach. Fast.

Watch Video

Reduce Attack Surface

Reduce attack surface

Limit access to sensitive data and lock down single-use devices.

Watch Video

Stop Domain Genertion Algorithms

Stop domain generation algorithms

Block temporary domains used by malicious actors.

Read Post

Hacker icon

Identify malicious DNS tunneling

Identify security gaps caused by malicious DNS tunneling.

Read Post

Build network security from the ground up

DNS, DHCP, and IP Address Management form the core of every network management system. Unfortunately, they also form the core of most cybersecurity threats. The same DNS servers used by every piece of hardware and software on your network, every mobile device, every IoT sensor are also used by malware. That’s why DDI security is a necessary foundation for locking down today’s complex networks.

Here’s how BlueCat is different. We become the “first hop” DNS resolver for every network query through the use of a lightweight service point. That allows us to collect, analyze, and act on everything that happens on your network, without the need for an on-device agent or a clunky appliance. You can apply security policies right at the client source (on-prem or in the cloud) to block, redirect, or monitor DNS queries trying to access malicious domains. You can dive into the details to look at DNS response data and other contextual indicators of compromise. You can push DNS data into a SIEM or any other data analytics platform for additional analysis.

There are plenty of network security software solutions out there, and many of them use DNS as a layer of security in some way. Yet only BlueCat approaches Domain Name System security as a way to provide both visibility and control over every device on your network. Filters and DNS firewalls perform content filtering on the network boundary.  BlueCat gives you insight and the ability to act on both public DNS (“north-south”) and internal DNS (“east-west”) queries. This goes way beyond DNS protection through mere DNSSEC or a standard DNS firewall – this is DNS based security which reaches every corner of your enterprise. This is DNS malware protection which works right at the level of a DNS request.

BlueCat’s DNS security solution also provides a necessary bridge between network security teams and network administrators. Forensic investigations are time sensitive by their very nature. Without a way to collect and analyze DNS logs from across the enterprise, correlating DNS data with other indicators of compromise can be a time-consuming process. BlueCat provides the ability for threat hunters to get the information they need quickly, without having to create yet another DNS service ticket.